我正在尝试创建一个系统范围的挂钩来监视进程并终止不需要的进程
我搜索并发现我需要使用CBT钩子,我的第一次尝试失败了,这是第二次,虽然可以找到前一个问题Here 。
下面的代码构建得很好,但似乎甚至没有调用钩子!因为我尝试在DllMain()设置断点,但我从未到达那里!其他功能似乎是可以访问的!
这里的任何方式都是代码片段:
dllmain.cpp
// dllmain.cpp : Defines the entry point for the DLL application.
#pragma once
#include "stdafx.h"
#include <iostream>
#include <fstream>
#include <Windows.h>
using namespace std;
HINSTANCE currentProcessHandle;
HOOKPROC hkprcSysMsg;
HHOOK hookID;
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
std::ofstream outfile("test.txt");
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
currentProcessHandle = hModule;
break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
LRESULT CALLBACK HookProcedure(int nCode, WPARAM wparam, LPARAM lparam)
{
std::ofstream outfile("test.txt");
if (nCode >= 0)
{
switch (nCode)
{
case HCBT_CREATEWND:
outfile << L"Created!~";
cout << "Created!~" << endl;
break;
case HCBT_DESTROYWND:
outfile << L"Destroied!~";
cout << "Destroied!~" << endl;
break;
default:
cout << "sth else" << endl;
break;
}
}
else
{
return CallNextHookEx(hookID, nCode, wparam, lparam);
}
outfile.close();
}
__declspec(dllexport) void InstallHook()
{
hookID = SetWindowsHookEx(WH_CBT, HookProcedure, currentProcessHandle, 0);
}
__declspec(dllexport) void UnistallHook()
{
UnhookWindowsHookEx(hookID);
}
这就是这个 消费者应用
// Hook Executer.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "..\Dll\dllmain.cpp"
#include <iostream>
using namespace std;
int _tmain(int argc, _TCHAR* argv[])
{
int num = -1;
cout << "1.Install Hook"<<endl
<< "2.Unistall Hook"<<endl
<< "0.Exit";
do{
cin >> num;
if (num ==1)
{
InstallHook();
}
else
{
UnistallHook();
}
getchar();
system("cls");
cout << "1.Install Hook" << endl
<< "2.Unistall Hook" << endl
<< "0.Exit";
} while (num != 0 && num < 3);
return 0;
}
当我运行该程序时没有错误,甚至没有anykind的例外,它好像没有dll或者我没有在该dll内部编码!什么错了?
答案 0 :(得分:1)
在CPP文件中实现您的DLL代码,而不是标题:
//dllmain.cpp
#include "stdafx.h" // include <Windows.h>
// and other std headers in stdafx.h, if not already done
HINSTANCE currentProcessHandle;
HHOOK hookID;
BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call,
LPVOID lpReserved ) {
if ( ul_reason_for_call == DLL_PROCESS_ATTACH )
currentProcessHandle = hModule;
return TRUE;
}
LRESULT CALLBACK HookProcedure( int nCode, WPARAM wparam, LPARAM lparam ) {
if ( nCode < 0 ) return CallNextHookEx( NULL, nCode, wparam, lparam );
std::ofstream outfile;
outfile.open( "test.txt", // replace with an absolute path
std::fstream::app ); // append mode
if (nCode >= 0) {
switch( nCode ) {
case HCBT_CREATEWND:
outfile << "Created!\n";
break;
case HCBT_DESTROYWND:
outfile << "Destroyed!\n";
break;
default:
break;
}
}
outfile.close();
return 0;
}
void InstallHook( void ) {
hookID = SetWindowsHookEx( WH_CBT, HookProcedure, currentProcessHandle, 0 );
}
void UninstallHook( void ) { // NEW NAME
UnhookWindowsHookEx( hookID );
}
在头文件中声明DLL API。
// dllapi.h
void InstallHook( void );
void UninstallHook( void ); // NEW NAME
使用DEF文件导出,将其添加到DLL项目
; Def file
EXPORTS
InstallHook
UninstallHook
在EXE项目中,仅包含DLL头文件
#include "..\Dll\dllapi.h"
在EXE项目中,转到properties->Linker->Input->Additional dependencies并添加在构建DLL期间生成的lib文件。替代方法:使DLL成为解决方案的项目依赖项中EXE的依赖项,并在EXE属性中为Linker->general->Use Library dependency Inputs